How to Easily Manage and Secure Your Passwords

Once upon a time, we protected our valuables physically. When our beloved shmoopie gave us a set of platinum pillowcases (remarkably impractical but it’s the thought that counts), we would fold them carefully and put them in a safe deposit box. It required two keys—ours and the bank manager’s—to open. As safe things go, we would make things pretty safe.

Now, much of our lives are electronic. We talk to our banks, our brokerages, our social media accounts all through the internet. Heck, some of us even have money that’s nothing but electronic bits. The electronic equivalent of that two-part lock is our password. And compared to the physical locks, our passwords are very insecure, indeed. Since I’m something of a security geek, join me to explore password best practices. I’m not going to try to explain the rationale behind each tip. If you’re interested, you can read up on computer security on your own. Today we’re just making a to-do list.

Use Strong Passwords

Use strong passwords. Strong passwords are passwords that are hard to guess. The ideal is to use a long string of random characters, like ns.gHkdvH8ef8N92HiCJZaMuG7d&n6. Choose a password that’s at least 23 or 24 characters long.

Some security experts recommend using the first letter of each word of a memorable sentence, with some punctuation added. “Frisky cats enjoy 437 different types of cat food” becomes Fce4dtocf, and then you could add a # or @ to make it a bit more obscure. The problem is that you need a pretty long sentence to get up past 20 characters.

If you want a password that’s more memorable, choose several words at random and string them together with punctuation. Since words are easier for hackers to guess than random strings of letters, if you use this method, use somewhere between 5 and 7 words. Do not use proper english sentences, just a string of words like: airplane-octopus-hero-holdup-legion-radio.

Use Different Passwords Everywhere

It’s important not to use the same password in multiple places. You’ve probably noticed that trusted institutions keep getting hacked, and their data gets stolen. We’re talking companies like Experian, whose only reason for existence is keeping accurate, secure data, and yet let loose 140 million people’s personal information because they didn’t even follow the “use a strong password” guideline. Then there’s Target, which gave an outside contractor access that led to huge amounts of stolen data, and Yahoo, which accidentally allowed a billion accounts to get hacked.

If you use the same password in multiple places, then a hacker that gets a hold of your password in one place can try that password first when attempting to break into another of your accounts. If you use the same password on Yahoo and Google, then one account breach gives them both accounts.

If you want to amp up this technique, also use different usernames on different sites. I generally choose a random word from the dictionary as a username. So my usernames are things like Zombie, Global, Domination, and Freeze-Ray. No one would ever be able to guess any sort of pattern.